Tag: detection
-
UK NCSC Announces Software Vulnerability Initiative
Agency to Collaborate with External Experts on Vulnerability Research. The U.K. NCSC will collaborate with industry experts for vulnerability detection and mitigation as part of its latest Vulnerability Research Initiative. The announcement comes on the heels of funding concerns for the U.S. government-based Common Vulnerabilities and Exposures program. First seen on govinfosecurity.com Jump to article:…
-
Google finds custom backdoor being installed on SonicWall network devices
Overstep backdoor nukes key log entries, making detection hard. First seen on arstechnica.com Jump to article: arstechnica.com/security/2025/07/google-finds-custom-backdoor-being-installed-on-sonicwall-network-devices/
-
SquidLoader Deploys Stealthy Malware with Near-Zero Detection to Evade Security Measures
A fresh variant of SquidLoader malware has surfaced, actively infiltrating Hong Kong institutions with previously unheard-of stealth, which is alarming for the financial industry. This sophisticated loader achieves near-zero detection rates on platforms like VirusTotal, leveraging intricate anti-analysis, anti-sandbox, and anti-debugging mechanisms to deploy Cobalt Strike Beacons for remote access. The malware’s attack chain begins…
-
One click to compromise: Oracle Cloud Code Editor flaw exposed users to RCE
Attacks could have a wider blast radius: Because Code Editor operates on the same underlying file system as the Cloud Shell, essentially a Linux home directory in the cloud, attackers could tamper with files used by other integrated services. This turns the flaw in the seemingly contained developer tool into an exposure for lateral movement…
-
iCounter Debuts With Mission to Defeat AI-Enabled Threats
Startup Raises $30M, Uses Risk Intelligence to Preempt Reconnaissance Attacks. Former FireEye and Mandiant leader John Watters unveils iCounter, a new cyber risk intelligence startup focused on targeted attacks and AI-enabled adversaries. Backed by Syn Ventures, the firm aims to transform threat detection with deeper visibility into attacker reconnaissance. First seen on govinfosecurity.com Jump to…
-
Best AI Deepfake and Scam Detection Tools for Security
Explore the best AI deepfake detection tools to spot fake videos, images, and audio. Compare real-time analysis, accuracy, and features for your needs. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/cybersecurity/best-ai-deepfake-detection-tools/
-
Konfety Android Malware Exploits ZIP Tricks to Masquerade as Legit Apps on Google Play
Security researchers from zLabs have discovered a more advanced version of the Konfety Android malware, which uses complex ZIP-level changes to avoid detection and mimic genuine apps on the Google Play Store, marking a dramatic increase in mobile dangers. This malware employs an “evil-twin
-
Email Filters Defeated by Polyglot File Trick Used in Malware Campaigns
In the constantly changing world of cyber threats, attackers are increasingly using advanced disguising techniques, such as polyglot files, to get around email filters and successfully deliver phishing payloads. These polyglot files, which can be interpreted as multiple file formats simultaneously, allow malicious content to evade detection by appearing benign to security scanners. This shift marks…
-
New Konfety Malware Variant Evades Detection by Manipulating APKs and Dynamic Code
Cybersecurity researchers have discovered a new, sophisticated variant of a known Android malware referred to as Konfety that leverages the evil twin technique to enable ad fraud. The sneaky approach essentially involves a scenario wherein two variants of an application share the same package name: a benign “decoy” app that’s hosted on the Google Play Store…
-
Attackers Hide JavaScript in SVG Images to Lure Users to Malicious Sites
Beware! SVG images are now being used with obfuscated JavaScript for stealthy redirect attacks via spoofed emails. Get insights from Ontinue’s latest research on detection and defence. First seen on hackread.com Jump to article: hackread.com/attackers-hide-javascript-svg-images-malicious-sites/
-
Android Malware Konfety evolves with ZIP manipulation and dynamic loading
A new Konfety Android malware variant uses a malformed ZIP and obfuscation to evade detection, posing as fake apps with no real functionality. Zimperium zLabs researchers are tracking a new, sophisticated Konfety Android malware variant that uses an “evil-twin
-
Threat Actors Exploit SVG Files in Stealthy JavaScript Redirects
A new phishing campaign uses SVG files for JavaScript redirects, bypassing traditional detection methods First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/hackers-svg-files-javascript/
-
How phishers are weaponizing SVG images in zero-click, evasive campaigns
Innovative, evasive, and targeted campaigns: Researchers pointed out that traditional endpoint detection, antivirus tools, and even email filters struggle to spot this threat because image files like SVGs are rarely considered dangerous. Compared to previous SVG-based attacks that used hosted payloads, this method keeps everything self-contained, further slipping past defenses. Victims span B2B service providers, utilities,…
-
Android malware Konfety uses malformed APKs to evade detection
A new variant of the Konfety Android malware emerged with a malformed ZIP structure along with other obfuscation methods that allow it to evade analysis and detection. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/android-malware-konfety-uses-malformed-apks-to-evade-detection/
-
North Korea-linked actors spread XORIndex malware via 67 malicious npm packages
North Korea-linked hackers uploaded 67 malicious npm packages with XORIndex malware, hitting 17K+ downloads in ongoing supply chain attacks. North Korea-linked threat actors behind the Contagious Interview campaign have uploaded 67 malicious npm packages with XORIndex malware loader, hitting over 17,000 downloads in ongoing supply chain attacks. XORIndex was built to evade detection and deploy…
-
AI poisoning and the CISO’s crisis of trust
Tags: access, ai, breach, ceo, ciso, compliance, control, cybersecurity, data, defense, detection, disinformation, exploit, framework, healthcare, identity, infosec, injection, LLM, monitoring, network, privacy, RedTeam, resilience, risk, russia, saas, threat, tool, training
Foundation models began parroting Kremlin-aligned propaganda after ingesting material seeded by a large-scale Russian network known as the “Pravda Network.” A high-profile AI-generated reading list published by two American news outlets included 10 hallucinated book titles mistakenly attributed to real authors. Researchers showed that imperceptible perturbations in training images could trigger misclassification. Researchers in the healthcare domain demonstrated…
-
The 10 most common IT security mistakes
Tags: access, attack, backup, best-practice, bsi, business, control, cyber, cyberattack, cybercrime, data, detection, group, incident response, infrastructure, Internet, login, mfa, microsoft, monitoring, network, office, password, ransomware, risk, security-incident, service, skills, strategy, technology, threat, tool, vpn
2. Gateway: Weak passwords: The problem: Weak passwords repeatedly make it easier for cybercriminals to gain access to a company network. A domain administrator password with six characters or a local administrator password with only two characters is no obstacle for perpetrators. It is more than clear that this issue is often neglected in practice,…
-
New Grok-4 AI breached within 48 hours using ‘whispered’ jailbreaks
Safety systems cheated by contextual tricks: The attack exploits Grok 4’s contextual memory, echoing its own earlier statements back to it, and gradually guides it toward a goal without raising alarms. Combining Crescendo with Echo Chamber, the jailbreak technique that achieved over 90% success in hate speech and violence tests across top LLMs, strengthens the…
-
8 tough trade-offs every CISO must navigate
Tags: access, ai, attack, business, ciso, cloud, compliance, computer, cyber, cybersecurity, ddos, defense, detection, framework, group, healthcare, incident response, jobs, malicious, mfa, regulation, resilience, risk, service, technology, threat, tool, vulnerability
2. Weighing security investments when the budget forces choices: Closely related to the trade-off around risk is what CISOs must navigate when it comes to security investments. “For most CISOs, when they have to make tough choices, 99% of the time it’s due to budget constraints that force them to weigh risks versus rewards,” says John…
-
COMmander: Network-Based Tool for COM and RPC Exploitation
The need for solutions that improve detection skills against sophisticated attacks is growing in the ever-changing cybersecurity world. COMmander emerges as a lightweight, C#-based utility designed to bolster defensive telemetry by monitoring Remote Procedure Call (RPC) and Component Object Model (COM) activities at a granular level. Developed to address gaps in identifying network-based exploitations involving…
-
Watchguard Analysis Surfaces Major Spike in Malware Detections
An analysis of cyberattacks shared this week by Watchguard Technologies finds there was a 171% increase in total unique network malware detections and a 712% increase in endpoint detections in the first quarter of 2025 compared with the previous quarter. At the same time, the number of ransomware attacks declined 85% from the previous quarter…
-
AWS bolsters security tools to help customers manage AI risks
Amazon Web Services has unveiled new and updated security services, including container-level threat detection and a unified command centre, to help organisations build and secure artificial intelligence applications First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366627572/AWS-bolsters-security-tools-to-help-customers-manage-AI-risks
-
SLOW#TEMPEST Hackers Adopt New Evasion Tactics to Bypass Detection Systems
Security researchers have uncovered a sophisticated evolution in the SLOW#TEMPEST malware campaign, where threat actors are deploying innovative obfuscation methods to evade detection and complicate analysis. This variant, distributed via an ISO file containing a mix of benign and malicious components, leverages DLL sideloading through a legitimate signed binary, DingTalk.exe, to load a malicious DLL…
-
Ducex Packer for Android Evades Detection with Heavy Obfuscation Techniques
The team at ANY.RUN recently reviewed a powerful Android packer called Ducex, which is linked to the infamous Triada malware, and criticized it for its sophisticated obfuscation methods. First identified within a fake Telegram app, Ducex serves as a protective shell for Triada, one of the most sophisticated Android trojans since its debut in 2016.…
-
AirMDR Tackles Security Burdens for SMBs With AI
This security startup provides managed detection and response services for small-to-midsized businesses to detect and address modern threats such as ransomware, phishing attacks, and malicious insiders. First seen on darkreading.com Jump to article: www.darkreading.com/cybersecurity-operations/airmdr-tackles-smb-security-burdens-with-ai
-
Verified, featured, and malicious: RedDirection campaign reveals browser marketplace failures
Browser hijacking and phishing risks: According to their research, the malicious code was embedded in each extension’s background service worker and used browser APIs to monitor tab activity. Captured data, including URLs and unique tracking IDs, was sent to attacker-controlled servers, which in turn provided redirect instructions. The setup enabled several attack scenarios, including redirection to…
-
XwormRAT Hackers Leverage Code Injection for Sophisticated Malware Deployment
A sophisticated new distribution method for XwormRAT malware leverages steganography techniques to hide malicious code within legitimate files. This discovery highlights the evolving tactics of cybercriminals who are increasingly using advanced obfuscation methods to bypass security detection systems and deceive unsuspecting users. The latest XwormRAT campaign represents a significant evolution in malware distribution methodology,…
-
Hackers ‘Shellter’ Various Stealers in Red-Team Tool to Evade Detection
Researchers have uncovered multiple campaigns spreading Lumma, Arechclient2, and Rhadamanthys malware by leveraging key features of the AV/EDR evasion framework. First seen on darkreading.com Jump to article: www.darkreading.com/threat-intelligence/hackers-shellter-red-team-tool-evade-detection